Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
CVE-2026-54917
  • github.com/seaweedfs/seaweedfs
 SeaweedFS: Path traversal in the S3 and Iceberg REST gateways allows cross-bucket access 15 hours ago
  • Fix available
  • Severity - 7.8 (High)
CVE-2026-56779
  • github.com/1panel-dev/maxkb
 MaxKB < 2.10.0 - Server-Side Request Forgery via downloadCallbackUrl and download_url Parameters 15 hours ago
  • Fix available
  • Severity - 5.3 (Medium)
CVE-2026-56774
  • github.com/kanboard/kanboard
 Kanboard - Cross-User Deletion of Persistent Login Sessions via Unvalidated Session ID 15 hours ago
  • No fix available
  • Severity - 5.3 (Medium)
CVE-2026-56772
  • github.com/samuelclay/newsblur
 NewsBlur < 14.5.0 - Insecure Direct Object Reference in Social Interactions Endpoint 15 hours ago
  • Fix available
  • Severity - 5.3 (Medium)
CVE-2026-56771
  • github.com/samuelclay/newsblur
 NewsBlur < 14.5.0 - Server-Side Request Forgery via add_url Endpoint 15 hours ago
  • Fix available
  • Severity - 6.3 (Medium)
CVE-2026-56770
  • github.com/schwehr/libais
 libais 0.15 - Out-of-bounds Vector Access in VdmStream::AddLine via Invalid Sequential Message ID 15 hours ago
  • No fix available
  • Severity - 8.7 (High)
CVE-2026-46608
  • github.com/nicolargo/glances
 Glances: XML-RPC Multi-Origin CORS Configuration Silently Falls Back to Wildcard (Incomplete Fix for CVE-2026-33533) 15 hours ago
  • Fix available
  • Severity - 7.4 (High)
CVE-2026-56769
  • github.com/hcengineering/platform
 Huly Platform - Server-Side Request Forgery via /import Endpoint 15 hours ago
  • No fix available
  • Severity - 6.3 (Medium)
CVE-2026-56768
  • github.com/haiwen/seahub
 Seahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET Method 15 hours ago
  • Fix available
  • Severity - 8.7 (High)
CVE-2026-46607
  • github.com/nicolargo/glances
 Glances: Insecure Pickle Deserialization in Version Cache Leads to Arbitrary Code Execution 15 hours ago
  • Fix available
  • Severity - 7.8 (High)
CVE-2026-53925
  • github.com/nicolargo/glances
 Glances: Arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration 15 hours ago
  • Fix available
  • Severity - 7.8 (High)
CVE-2026-56767
  • github.com/getmaxun/maxun
 Maxun < 0.0.42 - Cross-Tenant IDOR in Storage and Webhook API Handlers 15 hours ago
  • Fix available
  • Severity - 8.7 (High)
CVE-2026-46606
  • github.com/nicolargo/glances
 Glances: Command Injection via KVM/QEMU VM Domain Names in glances/plugins/vms/engines/virsh.py 15 hours ago
  • Fix available
  • Severity - 7.8 (High)
CVE-2026-56766
  • github.com/vanhauser-thc/thc-hydra
 Hydra - Stack Buffer Overflow in NTLM Authentication Handler 15 hours ago
  • No fix available
  • Severity - 8.6 (High)
CVE-2026-46611
  • github.com/nicolargo/glances
 Glances: XML-RPC Server Missing Host Header Validation Enables DNS Rebinding Attack 15 hours ago
  • Fix available
  • Severity - 5.3 (Medium)
CVE-2026-54090
  • github.com/filebrowser/filebrowser
 File Browser: Command Allowlist Bypass via Shell Metacharacter Injection 15 hours ago
  • Fix available
  • Severity - 8.7 (High)
Load more...